Common Information
| Type | Value |
|---|---|
| Value |
Archive Collected Data - T1560 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network.(Citation: DOJ GRU Indictment Jul 2018) Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender. Both compression and encryption are done prior to exfiltration, and can be performed using a utility, 3rd party library, or custom method. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2023-10-17 | 92 | Anomali Cyber Watch: RomCom 4.0 Targeted Female Politicians, Israeli RedAlert App Impersonated, and More. – Anomali | ||
| Details | Website | 2023-09-22 | 56 | Examining the Activities of the Turla APT Group | ||
| Details | Website | 2023-09-22 | 57 | Examining the Activities of the Turla APT Group | ||
| Details | Website | 2023-09-18 | 20 | Ransomware Redefined: RedEnergy Stealer-as-a-Ransomware attacks | ||
| Details | Website | 2023-09-18 | 90 | DBatLoader: Actively Distributing Malwares Targeting European Businesses | ||
| Details | Website | 2023-08-28 | 135 | HTML Smuggling Leads to Domain Wide Ransomware - The DFIR Report | ||
| Details | Website | 2023-08-25 | 195 | Russia/Ukraine Update - August 2023 | ||
| Details | Website | 2023-08-24 | 119 | Identifying ADHUBLLKA Ransomware: LOLKEK, BIT, OBZ, U2K, TZW Variants | ||
| Details | Website | 2023-08-18 | 77 | WARNING: NEW ATTACK CAMPAIGN UTILIZED A NEW 0-DAY RCE VULNERABILITY ON MICROSOFT EXCHANGE SERVER | ||
| Details | Website | 2023-07-27 | 50 | Dark Web Profile: 8Base Ransomware | ||
| Details | Website | 2023-07-27 | 117 | Healthcare Threat Landscape 2022-2023: Common TTPs Used by Top Ransomware Groups Targeting the Healthcare Sector | ||
| Details | Website | 2023-07-25 | 6 | APT Profile: Kimsuky - SOCRadar® Cyber Intelligence Inc. | ||
| Details | Website | 2023-07-20 | 33 | Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells | CISA | ||
| Details | Website | 2023-07-06 | 11 | RedEnergy: a sophisticated Stealer-as-a-Ransomware threat | ||
| Details | Website | 2023-06-14 | 23 | Understanding Ransomware Threat Actors: LockBit – Cyber Safe NV | ||
| Details | Website | 2023-06-06 | 27 | Anomali Cyber Watch: LEMURLOOT on Exploited MOVEit Transfers, Zero-Click iOS Exploit Targeted Kaspersky, Qakbot Turns Bots into Proxies | ||
| Details | Website | 2023-05-30 | 112 | Russia/Ukraine Update - May 2023 | ||
| Details | Website | 2023-05-25 | 17 | Chinese State-Sponsored Cyber Actor Detection: Joint Cybersecurity Advisory (CSA) AA23-144a Sheds Light on Stealty Activity by Volt Typhoon Targeting U.S. Critical Infrastructure - SOC Prime | ||
| Details | Website | 2023-05-22 | 141 | IcedID Macro Ends in Nokoyawa Ransomware - The DFIR Report | ||
| Details | Website | 2023-05-11 | 1 | What Is Security Information And Event Management? | ||
| Details | Website | 2023-05-09 | 67 | Akira Ransomware is “bringin’ 1988 back” | ||
| Details | Website | 2023-05-09 | 19 | Hunting Russian Intelligence “Snake” Malware | CISA | ||
| Details | Website | 2023-05-02 | 25 | Dark Web Profile: BlackByte Ransomware - SOCRadar | ||
| Details | Website | 2023-04-03 | 22 | Anomali Cyber Watch: Balada Injector Exploits WordPress Elementor Pro, Icon 3CX Stealer Detected by YARA, Koi Loader-Stealer Compresses-then-Encrypts Memory Streams | ||
| Details | Website | 2023-04-01 | 55 | The Rise of FusionCore An Emerging Cybercrime Group from Europe - CYFIRMA |